cmd 日志文件的高级解析

Question

我需要在 cmd 中解析日志文件（使用 find 或 findstr 命令）以获取特定记录。

日志文件示例：

[2017-04-10 10:53:58.597] [info   ] [settings   ] [ 1052: 1012] paths.ini_store configuration is empty, settings ini store folder to asw::instup::GetDataDirectory.
[2017-04-10 10:53:58.597] [info   ] [crashguard ] [ 1052: 1012] CrashGuard global exception handler installed
[2017-04-10 10:53:58.738] [debug  ] [lim_base   ] [ 1052: 3560] Alpha's version:'1
[2017-04-10 10:53:58.738] [info   ] [lim_base   ] [ 1052: 3560] Alpha settings - enabled:'1'
[2017-04-10 10:54:35.118] [debug  ] [lim_av     ] [ 1052: 4960] ALPHA PROTO:
                                                                'walletKey: "XXXXX-YYYYY-ZZZZZZ"
                                                                '
[2017-04-10 10:54:35.196] [debug  ] [aswlog     ] [ 1052: 4524] c:\windows\system32\fundisc.dll
[2017-04-10 10:54:35.212] [info   ] [lim_av     ] [ 1052: 4960] IQS - response
[2017-04-10 10:54:35.227] [debug  ] [aswlog     ] [ 1052: 4524] c:\windows\system32\fvecerts.dll
[2017-04-10 10:54:35.227] [debug  ] [lim_burg   ] [ 1052: 4960] IqsInfo
[2017-04-10 10:54:35.227] [debug  ] [lim_burg   ] [ 1052: 4960] ALPHA PROTO:
                                                                'token: "ea0989e5-acdc-4cf6-ba1c-e9bdad98b7ce"
                                                                wallet_key: "XXXXX-YYYYY-ZZZZZZ"
                                                                data: SOME_DATA
                                                                success: true
                                                                '
[2017-04-10 10:56:05.986] [debug  ] [settings   ] [ 1052: 2444] Property 'avdef://config/Custody/Enabled' has no entry in defaults map.
[2017-04-10 10:56:06.018] [debug  ] [settings   ] [ 1052: 2444] Property 'avdef://config/Custody/Enabled' has no entry in defaults map.

我需要的输出（控制台或文件输出）如下：

1. 包含“[lim”字符串的整条记录（这非常简单，但是..）
2. 部分位于“PROTO:”和下一条记录的开头 [2017..
之间

所以对于上面的例子，它应该给我：

[2017-04-10 10:53:58.738] [debug  ] [lim_base   ] [ 1052: 3560] Alpha's version:'1
[2017-04-10 10:53:58.738] [info   ] [lim_base   ] [ 1052: 3560] Alpha settings - enabled:'1'
[2017-04-10 10:54:35.118] [debug  ] [lim_av     ] [ 1052: 4960] ALPHA PROTO:
                                                                'walletKey: "XXXXX-YYYYY-ZZZZZZ"
                                                                '
[2017-04-10 10:54:35.212] [info   ] [lim_av     ] [ 1052: 4960] IQS - response
[2017-04-10 10:54:35.227] [debug  ] [lim_burg   ] [ 1052: 4960] IqsInfo
[2017-04-10 10:54:35.227] [debug  ] [lim_burg   ] [ 1052: 4960] ALPHA PROTO:
                                                                'token: "ea0989e5-acdc-4cf6-ba1c-e9bdad98b7ce"
                                                                wallet_key: "XXXXX-YYYYY-ZZZZZZ"
                                                                data: SOME_DATA
                                                                success: true
                                                                '

我google了一下，调整后如下：

@echo off > newfile & setLocal enableDELAYedeXpansioN
set H=
set T=
for /f "tokens=1* delims=" %%a IN ('find /n /i "PROTO:" service.log') do (
  echo.%%a
  set H=%%a
  for /f "tokens=1* delims=" %%a in ('find /n /i "'" service.log') do (
    set T=%%a
    )
  for /f "tokens=1* delims= " %%a in ('find /n /v "[2017" service.log') do (
  if %%a gtr !H! if %%a lss !T! echo.%%b
  )
)

但它无法满足我的需要，非常感谢您的帮助。谢谢！

Answer 1

@echo off
setlocal

rem Reading from input file, call :processFile subroutine and create output file
call :processFile < service.log > newfile.txt
goto :EOF


:processFile

rem Read lines until find "[lim" string
set /P "line="
if errorlevel 1 exit /B
:checkLine
if "%line:[lim=%" equ "%line%" goto processFile

rem Output this line
echo %line%

rem Check if this line have "PROTO:" string
if "%line:PROTO:=%" equ "%line%" goto processFile

rem Output next lines until find "[2017" string at beginning
:nextLine
set /P "line="
if errorlevel 1 exit /B
if "%line:~0,5%" equ "[2017" goto checkLine
echo %line%
goto nextLine